[PC-BSD Testing] PC-BSD 8.2-RC1 Installation issues

Lars Engels lars.engels at 0x20.net
Wed Jan 12 13:33:21 PST 2011


On Wed, Jan 12, 2011 at 04:30:38PM -0500, Kris Moore wrote:
> On 01/12/2011 16:15, LinuxBSDos.com wrote:
> > 
> >> Should we enforce password lengths/"complexity"? I'm a fan of the UNIX
> >> model: Be stupid and expect stupid.
> > 
> > I think it makes plenty of sense to enforce password length. Complexity,
> > I'm not too worried about, but length, yes (don't let you mind stray from
> > the topic ;) )!
> > 
> > We should not make it easy for users, especially inexperienced ones, to
> > install loosely secured systems.
> > 
> > I have a system I installed yesterday where the root passwd is "r" and the
> > user password is "s." That's just as bad as auto-login.
> > 
> > I'm just happy that Kris has cleaned that bit up. That said, I think a
> > 4-character minimum for user password is to0 low. Six to 8 should be
> > better.
> > 
> > 
> 
> Well, I made the user/root passwords a bit less strict, since a common
> one for virtual-machines is "pcbsd" :)
> 
> >> IIRC, SSH is disabled in PC-BSD so there shouldn't be too much worry if
> > a > user prefers 'password'.
> > 
> > I don't think that running a network service is the sole reason for
> > setting strong passwords. What about protecting physical access?
> > 
> 
> In the case of disk-encryption, yes you want a better password. But when
> it comes to physical access, just reboot and go to single user,
> insta-root. (Why i use encryption on my disks now)

In /etc/ttys change 
console none                            unknown off secure
to 
console none                            unknown off insecure

to ask for the root password before entering single user mode.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.pcbsd.org/pipermail/testing/attachments/20110112/4f06f1c7/attachment.pgp>


More information about the Testing mailing list